--- a/Overview.html Thu Aug 22 11:12:41 2013 -0400
+++ b/Overview.html Thu Aug 22 11:31:27 2013 -0400
@@ -517,7 +517,8 @@
</span><span class="pun">});</span><span class="pln">
</span><span class="pun">}</span><span class="pln">
-</span><div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_3"><span><span class="typ">Note</span></span></div><div class=""><span class="typ">The</span><span class="pln"> conversion to an </span><code><span class="typ">ArrayBufferView</span></code><span class="pln"> must be consistent </span><span class="kwd">with</span><span class="pln"> the conversion to the bits on the server</span><span class="pun">-</span><span class="pln">side</span><span class="pun">,</span><span class="pln"> so that the SHA</span><span class="pun">-</span><span class="lit">256</span><span class="pln"> digests can be compared accurately</span><span class="pun">.</span></div></div></pre></div>
+</span></pre></div>
+<div class="note"><div class="note-title" aria-level="3" role="heading" id="h_note_3"><span><span class="typ">Note</span></span></div><div class=""><span class="typ">The</span><span class="pln"> conversion to an </span><code><span class="typ">ArrayBufferView</span></code><span class="pln"> must be consistent </span><span class="kwd">with</span><span class="pln"> the conversion to the bits on the server</span><span class="pun">-</span><span class="pln">side</span><span class="pun">,</span><span class="pln"> so that the SHA</span><span class="pun">-</span><span class="lit">256</span><span class="pln"> digests can be compared accurately</span><span class="pun">.</span></div></div>
<p>In this case, <code>getHashFromCDN()</code> runs within the origin of the page of the social networking site, accessed through TLS, and allows the CDN to transform the code blob into an ArrayBufferView, perform a digest operation, and then allow client-side code to do the same with what is in <code>localStorage</code>; if the two digests are exactly equivalent, the code in <code>localStorage</code> is sanctioned for use, and if not, code is fetched anew from the CDN.</p>
</section>
<section id="encrypted-communications-via-webmail">
@@ -623,11 +624,11 @@
</span><span class="pun">},</span><span class="pln"> </span><span class="com">// signed using Karen's private key minted by Persona.org for karen@webcrypto.com</span><span class="pln">
</span><span class="str">"certificate"</span><span class="pun">:</span><span class="pln"> </span><span class="pun">{</span><span class="pln">
</span><span class="str">"email"</span><span class="pun">:</span><span class="pln"> </span><span class="str">"karen@webcrypto.com"</span><span class="pun">,</span><span class="pln">
- </span><span class="str">"public-key"</span><span class="pun">:</span><span class="pln"> </span><span class="str">"</span><karens-public-key><span class="str">"</span><span class="pun">,</span><span class="pln">
+ </span><span class="str">"public-key"</span><span class="pun">:</span><span class="pln"> </span><span class="str">"</span><span class="str">"</span><span class="pun">,</span><span class="pln">
</span><span class="str">"valid-until"</span><span class="pun">:</span><span class="pln"> </span><span class="lit">1308860561861</span><span class="pun">,</span><span class="pln">
</span><span class="pun">}</span><span class="pln"> </span><span class="com">// certificate is signed by Persona.org</span><span class="pln">
</span><span class="pun">};</span><span class="pln">
-</span></karens-public-key></pre></div>
+</span></pre></div>
</li>
<li><p>Persona.org then sends this over to script hosted by PSS using cross-origin messaging.</p>